CN100495364C - Encryption of system paging file - Google Patents

Encryption of system paging file

Info

Publication number
CN100495364C
Authority
CN
China
Prior art keywords
data
file
key
stored
encryption
Prior art date
Legal status
Expired - Fee Related
Application number
CNB2004100119322A
Other languages
Chinese (zh)
Other versions
CN1622061A (en)
Inventor
B·A·雷斯
D·B·克罗斯
D·G·布莱斯
顾建荣
R·Y·那加
S·A·菲尔德
Current Assignee
Microsoft Technology Licensing LLC
Original Assignee
Microsoft Corp
Priority date
Filing date
Publication date
Application filed by Microsoft Corp
Publication of CN1622061A
Application granted
Publication of CN100495364C
Expired - Fee Related (current legal status)
Anticipated expiration

Classifications

    • G PHYSICS
        • G06 COMPUTING; CALCULATING OR COUNTING
            • G06F ELECTRIC DIGITAL DATA PROCESSING
                • G06F12/00 Accessing, addressing or allocating within memory systems or architectures
                    • G06F12/14 Protection against unauthorised use of memory or access to memory
                        • G06F12/1416 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights
                            • G06F12/145 Protection against unauthorised use of memory or access to memory by checking the object accessibility, e.g. type of access defined by the memory independently of subject rights, the protection being virtual, e.g. for virtual blocks or segments before a translation mechanism
                • G06F21/00 Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
                    • G06F21/60 Protecting data
                        • G06F21/62 Protecting access to data via a platform, e.g. using keys or access control rules
                            • G06F21/6218 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database
                                • G06F21/6281 Protecting access to data via a platform, e.g. using keys or access control rules, to a system of files or objects, e.g. local or distributed file system or database, at program execution time, where the protection is within the operating system
                    • G06F21/70 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
                        • G06F21/78 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure storage of data
                            • G06F21/80 Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer, to assure secure storage of data in storage media based on magnetic or optical technology, e.g. disks with sectors
                • G06F2221/00 Indexing scheme relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
                    • G06F2221/21 Indexing scheme relating to G06F21/00 and subgroups addressing additional information or applications relating to security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
                        • G06F2221/2143 Clearing memory, e.g. to prevent the data from being stolen

Abstract

An operating system copies data from memory pages into a paging file on disk, in order to free up space in the memory. A mechanism is disclosed that causes the data to be encrypted as it is copied into the paging file, thereby protecting the paged data from unauthorized (or otherwise undesired) observation. The data that is stored in the paging file is encrypted with a session key, that is generated shortly after the machine on which the paging file exists is started. The session key, which is used both for encryption and decryption of the paging file data, is stored in volatile memory, so that the key is not persisted across boots of the machine. Since the key is not persisted across boots, old paging file data that was stored prior to the most recent boot cannot be recovered in clear text, thereby protecting the data from observation.

Description

Encryption of the system paging file
Technical field
The present invention relates generally to computing, and more particularly to a mechanism for encrypting and decrypting a virtual memory paging file.
Background
Modern computer systems usually provide a virtual memory facility in order to offer an available memory capacity that exceeds the size of physical random access memory (RAM). A virtual memory system provides a virtual address space, which can be larger than the physical address space. To keep the virtual memory from overflowing the contents of the physical address space, pages are copied out of physical memory when more space is needed in physical memory, and when a program needs to access those pages, they are copied back into physical memory. When a page is copied out of physical memory, the content of the page is stored in a file on disk called the "paging file".
Even temporarily storing memory pages on disk raises a problem: it is difficult to protect the content of those pages from unauthorized observation. Physical memory is generally volatile storage; if power is removed from the system, its contents are lost. It is therefore guaranteed that if the system is powered off, crashes or restarts, any confidential data stored in volatile memory cannot be recovered by an unauthorized observer. However, if data from volatile memory has been copied to the paging file, that data can be observed by anyone with access rights to the disk, and after a power-off event, crash or restart the data still exists on the disk. If the data is secret or sensitive, this possibility creates a security risk, because an attacker could obtain the data by examining or seizing the disk.
In view of the foregoing, a mechanism for protecting the paging file that overcomes the shortcomings of the prior art is needed.
Summary of the invention
The present invention protects data stored in the paging file by encrypting the paging file. According to the invention, the paging file is marked for encryption. The paging file is stored in a file system that has a file encryption facility. A file system that provides file encryption is described in U.S. Patent No. 6,249,866, which is incorporated herein by reference. When the virtual memory manager passes data to the file system to be stored in the paging file, the file system sees that the paging file is marked for encryption and causes the data to be encrypted before it is stored in the paging file. The file system may communicate with an encryption component to perform the actual encryption. The encryption component receives plaintext from the file system, applies an encryption key to create ciphertext, and passes the ciphertext back to the file system to be stored in the paging file.
Existing file encryption systems generally encrypt files and also persistently keep a copy of the key needed to decrypt each file. Persistent key storage makes sense for ordinary files, because those files are used for long-term storage and it must usually be possible to decrypt them after the machine has been started many times. A paging file differs from an ordinary file: a paging file is only temporary storage for data that is meaningful within the context of a single instance of the computing environment (e.g. between boots of the machine). Thus paging file data is of almost no value after the system has restarted, and storing that data in a usable form is, in that sense, a disadvantage, because it creates a security risk. Persistently storing the key needed to decrypt paging file data may therefore be dangerous, because doing so allows the data, including secret or sensitive data, to be decrypted in some unintended context (e.g. after the hard disk has been removed from its intended machine and installed on an attacker's machine). According to a feature of the invention, a session key is generated at each startup, and this session key is used only to encrypt and decrypt the content of the paging file during a single run of the system (e.g. between startup and shutdown). The session key is not persisted across multiple startups of the machine.
Since a page of physical memory may have to be copied to the paging file at any moment after startup, the session key is preferably generated very shortly after the machine starts, to ensure that the key is ready to serve any request to write to the paging file. Preferably, the component that generates the key also reserves a block of physical memory very shortly after startup. This reserved memory can serve as the work space in which the encryption component encrypts data destined for the paging file, and/or as a buffer for passing data between the file system and the encryption component.
Other features of the invention are described below.
Brief description of the drawings
The foregoing summary, as well as the following detailed description of preferred embodiments, is better understood when read in conjunction with the accompanying drawings. For the purpose of illustrating the invention, exemplary constructions of the invention are shown in the drawings; however, the invention is not limited to the specific methods and means disclosed. In the drawings:
Fig. 1 is a block diagram of an example computing environment in which aspects of the invention may be implemented;
Fig. 2 is a block diagram of computer memory and its relationship to a file system;
Fig. 3 is a block diagram of a mechanism for encrypting files;
Fig. 4 is a flow diagram of a process for preparing a system for paging file encryption;
Fig. 5 is a flow diagram of a process for encrypting memory data that is to be stored in the paging file;
Fig. 6 is a block diagram of a memory manager retrieving a page from an encrypted paging file.
Detailed description
Overview
A virtual memory manager provides a virtual address space that is larger than the physical volatile memory of the machine. The virtual memory manager performs this task by copying data into and out of volatile memory as needed. When data is copied out of volatile memory, it is stored in a paging file on disk. The invention provides a mechanism whereby, by storing paging file data in encrypted form, the data stored in the paging file can be protected from unauthorized observation.
Example computing arrangement
Fig. 1 shows an example computing environment 100 in which aspects of the invention may be implemented. The computing system environment 100 is only one example of a suitable computing environment and is not intended to suggest any limitation as to the scope of use or functionality of the invention. Neither should the computing environment 100 be interpreted as having any dependency on or requirement for any one component, or combination of components, illustrated in the exemplary operating environment 100.
The invention is operational with numerous other general purpose or special purpose computing system environments or configurations. Examples of well-known computing systems, environments and/or configurations that may be suitable for use with the invention include, but are not limited to: personal computers, server computers, hand-held or laptop devices, multiprocessor systems, microprocessor-based systems, set top boxes, programmable consumer electronics, network PCs, minicomputers, mainframe computers, distributed computing environments that include any of the above systems or devices, and the like.
The invention may be described in the general context of computer-executable instructions, such as program modules, being executed by a computer. Generally, program modules include routines, programs, objects, components, data structures and the like that perform particular tasks or implement particular abstract data types. The invention may also be practiced in distributed computing environments where tasks are performed by remote processing devices that are linked through a communications network or other data transmission mechanism. In a distributed computing environment, program modules and other data may be located in both local and remote computer storage media, including memory storage devices.
With reference to Fig. 1, an exemplary system for implementing the invention includes a general purpose computing device in the form of a computer 110. Components of computer 110 may include, but are not limited to, a processing unit 120, a system memory 130, and a system bus 121 that couples various system components, including the system memory, to the processing unit 120. The processing unit 120 may represent multiple logical processing units, such as those supported on a multi-threaded processor. The system bus 121 may be any of several types of bus structures, including a memory bus or memory controller, a peripheral bus, and a local bus using any of a variety of bus architectures. By way of example, and not limitation, such architectures include the Industry Standard Architecture (ISA) bus, Micro Channel Architecture (MCA) bus, Enhanced ISA (EISA) bus, Video Electronics Standards Association (VESA) local bus, and Peripheral Component Interconnect (PCI) bus (also known as the Mezzanine bus). The system bus 121 may also be implemented as a communication facility such as a point-to-point connection or a switching fabric.
Computer 110 typically includes a variety of computer readable media. Computer readable media can be any available media that can be accessed by computer 110 and includes both volatile and nonvolatile media, removable and non-removable media. By way of example, and not limitation, computer readable media may comprise computer storage media and communication media. Computer storage media includes both volatile and nonvolatile, removable and non-removable media implemented in any method or technology for storage of information such as computer readable instructions, data structures, program modules or other data. Computer storage media includes, but is not limited to, RAM, ROM, EEPROM, flash memory or other memory technology, CDROM, digital versatile disks (DVD) or other optical disk storage, magnetic cassettes, magnetic tape, magnetic disk storage or other magnetic storage devices, or any other medium which can be used to store the desired information and which can be accessed by computer 110. Communication media typically embodies computer readable instructions, data structures, program modules or other data in a modulated data signal such as a carrier wave or other transport mechanism, and includes any information delivery media. The term "modulated data signal" means a signal that has one or more of its characteristics set or changed in such a manner as to encode information in the signal. By way of example, and not limitation, communication media includes wired media such as a wired network or direct-wired connection, and wireless media such as acoustic, RF, infrared and other wireless media. Combinations of any of the above should also be included within the scope of computer readable media.
The system memory 130 includes computer storage media in the form of volatile and/or nonvolatile memory such as read only memory (ROM) 131 and random access memory (RAM) 132. A basic input/output system 133 (BIOS), containing the basic routines that help to transfer information between elements within computer 110, such as during start-up, is typically stored in ROM 131. RAM 132 typically contains data and/or program modules that are immediately accessible to and/or presently being operated on by processing unit 120. By way of example, and not limitation, Fig. 1 illustrates operating system 134, application programs 135, other program modules 136 and program data 137.
Computer 110 may also include other removable/non-removable, volatile/nonvolatile computer storage media. By way of example only, Fig. 1 illustrates a hard disk drive 141 that reads from or writes to non-removable, nonvolatile magnetic media, a magnetic disk drive 151 that reads from or writes to a removable, nonvolatile magnetic disk 152, and an optical disk drive 155 that reads from or writes to a removable, nonvolatile optical disk 156, such as a CD ROM or other optical media. Other removable/non-removable, volatile/nonvolatile computer storage media that can be used in the exemplary operating environment include, but are not limited to, magnetic tape cassettes, flash memory cards, digital versatile disks, digital video tape, solid state RAM, solid state ROM, and the like. The hard disk drive 141 is typically connected to the system bus 121 through a non-removable memory interface such as interface 140, and magnetic disk drive 151 and optical disk drive 155 are typically connected to the system bus 121 by a removable memory interface, such as interface 150.
The drives and their associated computer storage media discussed above and illustrated in Fig. 1 provide storage of computer readable instructions, data structures, program modules and other data for the computer 110. In Fig. 1, for example, hard disk drive 141 is illustrated as storing operating system 144, application programs 145, other program modules 146 and program data 147. Note that these components can either be the same as or different from operating system 134, application programs 135, other program modules 136 and program data 137. Operating system 144, application programs 145, other program modules 146 and program data 147 are given different numbers here to illustrate that, at a minimum, they are different copies. A user may enter commands and information into the computer 110 through input devices such as a keyboard 162 and pointing device 161, commonly referred to as a mouse, trackball or touch pad. Other input devices (not shown) may include a microphone, joystick, game pad, satellite dish, scanner, or the like. These and other input devices are often connected to the processing unit 120 through a user input interface 160 that is coupled to the system bus, but may be connected by other interface and bus structures, such as a parallel port, game port or a universal serial bus (USB). A monitor 191 or other type of display device is also connected to the system bus 121 via an interface, such as a video interface 190. In addition to the monitor, computers may also include other peripheral output devices such as speakers 197 and printer 196, which may be connected through an output peripheral interface 195.
The computer 110 may operate in a networked environment using logical connections to one or more remote computers, such as a remote computer 180. The remote computer 180 may be a personal computer, a server, a router, a network PC, a peer device or other common network node, and typically includes many or all of the elements described above relative to the computer 110, although only a memory storage device 181 has been illustrated in Fig. 1. The logical connections depicted in Fig. 1 include a local area network (LAN) 171 and a wide area network (WAN) 173, but may also include other networks. Such networking environments are commonplace in offices, enterprise-wide computer networks, intranets and the Internet.
When used in a LAN networking environment, the computer 110 is connected to the LAN 171 through a network interface or adapter 170. When used in a WAN networking environment, the computer 110 may include a modem 172 or other means for establishing communications over the WAN 173, such as the Internet. The modem 172, which may be internal or external, may be connected to the system bus 121 via the user input interface 160 or another appropriate mechanism. By way of example, and not limitation, Fig. 1 illustrates remote application programs 185 as residing on memory device 181. It will be appreciated that the network connections shown are exemplary and other means of establishing a communications link between the computers may be used.
Storage of memory pages in the paging file
Fig. 2 shows computer memory and a file system in which memory pages are stored. The computer system includes memory such as RAM 132. RAM 132 comprises a number of bytes of storage that can be organized into pages. Each page is a contiguous block of storage bytes of a determined size; for example, an exemplary system may support a page size of 4 kilobytes or of 4 megabytes, or support both sizes at once. In the example of Fig. 2, RAM 132 comprises pages 202(1), 202(2), 202(3), 202(4), 202(5), ..., 202(n).
File system 208 stores data on disk in the form of files, and also comprises the software and/or hardware needed to organize files (e.g. by maintaining a directory of files), to perform storage and retrieval of files, and to perform other tasks related to file maintenance. In the example of Fig. 2, file system 208 stores files 204(1), 204(2), ..., 204(m). In addition, file system 208 may store one or more paging files, such as paging file 206. Paging file 206 is a file used to store copies of memory pages on disk. Any program may maintain a paging file, although most typically the paging file is maintained by the operating system (such as operating system 134 shown in Fig. 1) and shared by all application programs and processes. In this example, paging file 206 is a paging file maintained by operating system 134. The MICROSOFT WINDOWS operating systems are examples of operating systems that maintain such a paging file. When memory space needs to be freed, operating system 134 copies pages of memory into paging file 206. For example, operating system 134 may decide that the physical memory of page 202(4) is to be reallocated for storing other data, and it frees space in RAM 132 by copying the content of page 202(4) into file 206. Conversely, when operating system 134 receives a request to access data that is not stored in RAM 132 because that data is located on a page previously copied to paging file 206 (e.g. when a page fault exception is generated by an attempt to access a page marked "not present" in the virtual address translation table), operating system 134 copies the content of the sought page out of paging file 206 and places it in a physical page frame of RAM 132 (while adjusting the address translation table to point to the page's new location).
One feature that may be provided by file system 208 is a file encryption component, as shown in Fig. 3. File system 208 stores a plurality of files (e.g. files 204(1), 204(2), 204(3)), as shown and discussed above in connection with Fig. 2. Encryption component 304 represents the functionality of encrypting and decrypting files using key 302. Preferably, file system 208 can store files in either encrypted or plaintext form. In this case, each file stored in file system 208 is associated with a flag that is set or not set according to whether the file is maintained in encrypted form. In the example of Fig. 3, flag 310 (associated with file 204(2)) is set, indicating that file 204(2) is encrypted.
Encryption component 304 represents the functionality of encrypting and decrypting files. Thus, when file system 208 receives a request to store data in file 204(2) (or in any other file whose flag is marked as encrypted), file system 208 invokes encryption component 304 and passes the plaintext 306 to be stored to encryption component 304. Encryption component 304 then encrypts plaintext 306 using key 302 and passes ciphertext 308 back to file system 208. Ciphertext 308 is then stored in file 204(2). If file system 208 receives a request to retrieve information from file 204(2), file system 208 will at that time see that file 204(2) is marked as encrypted, and it passes the encrypted ciphertext from the file to encryption component 304. Encryption component 304 then decrypts the ciphertext using key 302 and returns the plaintext; file system 208 then passes the plaintext back to the requester. In a preferred embodiment, encryption component 304 performs encryption and decryption using a symmetric key algorithm, such as the Data Encryption Standard (DES), triple DES (3DES) or the Advanced Encryption Standard (AES).
In a preferred embodiment, encryption component 304 includes the functionality to generate key 302, and encryption component 304 provides key 302 to the software that manages file system 208. As described below in connection with Fig. 4, key 302 is generated immediately after system startup, and the key is not persisted in non-volatile memory.
Preferably, the system may have a local or centrally configured security policy that determines whether the paging file should be created with the encryption flag set or not set. For example, there may be a registry entry that indicates whether the paging file is to be encrypted. After startup, when the system creates the paging file for a given session, the system can check the registry to determine whether the encryption flag is to be set for the paging file.
Preparing the system for paging file encryption
Fig. 4 is a flow diagram of a process for preparing a system for paging file encryption. First, the system in which the encrypted paging file is to be used is started (402). After startup, a block of memory is reserved for certain uses (404). In particular, the reserved memory block may serve the following purposes: first, some of the reserved memory can be used as a buffer through which data is written back and forth between the file system and the encryption component. (If an attempt is made to write data between the file system and the encryption component and the reserved memory is insufficient, the write is split into multiple stages, or an attempt may be made to allocate more memory.) Second, some of the reserved memory can be used as the work space of the encryption component.
Next, the session key used to encrypt the paging file is created and stored in volatile storage that is not paged to disk (406). The session key is preferably stored in a manner that does not persist the key across startups; thus, encrypted paging file data generated during one run cannot be decrypted beyond the current session, which protects the security of that data. (For example, if the hard disk is removed from the computer system and stolen, the hard disk should not contain a copy of the session key, since such a copy would allow the paging file data to be decrypted when the hard disk is installed on another machine.) Preferably, the session key is stored in non-paged memory, so that it can never be paged to disk. (Paging the key to disk would not only create a security problem but could also cause a deadlock, because the paging file in which the key was stored would need that very key in order to be decrypted.) It should be noted that although Fig. 4 shows the session key being created after the memory block is reserved, this sequence is not required by the invention.
The paging file is then created and the encryption flag on the file is set (408). At this point the system has been prepared for paging file encryption. When the memory manager moves data back and forth between memory and the paging file, the session key is used to encrypt/decrypt that data (410). The process of moving data between memory and the encrypted paging file is described in more detail in connection with Fig. 5.
Fig. 5 shows a process for storing encrypted data in the paging file. At some point during the operation of the system, the memory manager determines that data stored in memory is to be moved to disk (e.g. to free space in memory). The memory manager then passes the content of the memory page to the file system with an instruction to write that content to the paging file (502). The file system then checks whether the encryption flag on the paging file is set (504). If the encryption flag is not set, the data provided by the memory manager is written to the paging file as plaintext (506).
If the encryption flag is set for the paging file, the file system calls the encryption component to encrypt the data (508). The encryption component then encrypts the data using the session key (510) to generate ciphertext. The ciphertext is then passed back to the file system (512), and the file system stores the ciphertext in the paging file (514). It should be noted that suitable symmetric encryption algorithms (e.g. DES, 3DES, AES, etc.) are typically block ciphers that encrypt data in blocks of a defined size; thus the ciphertext that is generated (and written to the paging file) is at least the size of the block that the encryption algorithm operates on.
The process of retrieving data from the encrypted paging file is similar to the storage process described for Fig. 5: when a request to retrieve data from the paging file arrives from the memory manager, if the paging file is marked as encrypted, the file system provides the ciphertext stored in the paging file to the encryption component, and the encryption component applies the session key to decrypt the ciphertext and returns the plaintext. An example system that can perform this process is shown in Fig. 6. A request to access a particular page of memory is received, and the memory manager determines (based on the page map) that the requested page is not in memory. The absence of the page causes a page fault to be generated. A fault handler makes a file access request to retrieve the requested page from the paging file. File system 208 receives the access request and sees that the paging file is marked as encrypted. Thus, file system 208 calls encryption component 304 to apply the session key and decrypt the requested page. Encryption component 304 then passes the decrypted page back to the file system, and the file system returns the decrypted page to memory manager 602. Memory manager 602 then stores the content of the retrieved page in a physical memory page frame and adjusts the page map to reflect the page's presence (and new location) in physical memory. Preferably, the process of encrypting and decrypting paging file data is transparent to the memory manager, which can make storage and retrieval requests without regard to whether the data is encrypted.
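A runnable model of the mechanism of Figs. 4 to 6, added here as an illustration; it is not code from the patent or from any operating system implementation. It assumes AES-256 in CBC mode with a random per-page IV and a constructed 64-byte page size (the patent names only the cipher family), and the type names EncryptionComponent, PagingFile and FileSystem are illustrative. The session key exists only in the in-memory component, so constructing a second component stands in for a reboot, after which the old ciphertext in the paging file no longer decrypts to the original page.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
)

// PageSize is a constructed toy page size; like a real 4 KiB page it is a
// whole number of AES blocks, so the block cipher needs no padding.
const PageSize = 64

// EncryptionComponent models encryption component 304. The session key lives
// only inside this in-memory value (the patent's non-paged volatile storage);
// nothing ever writes it to the paging file or anywhere else.
type EncryptionComponent struct {
	block cipher.Block
}

// NewSessionKeyComponent models step 406 of Fig. 4: a fresh random AES-256
// session key is generated at startup; nothing derives it from disk contents.
func NewSessionKeyComponent() (*EncryptionComponent, error) {
	key := make([]byte, 32)
	if _, err := rand.Read(key); err != nil {
		return nil, err
	}
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return &EncryptionComponent{block: block}, nil
}

// Encrypt is step 510: plaintext page in, ciphertext out. A random IV is
// prefixed so two identical pages do not produce identical ciphertext.
func (e *EncryptionComponent) Encrypt(plain []byte) ([]byte, error) {
	if len(plain)%aes.BlockSize != 0 {
		return nil, errors.New("page is not a whole number of cipher blocks")
	}
	out := make([]byte, aes.BlockSize+len(plain))
	if _, err := rand.Read(out[:aes.BlockSize]); err != nil {
		return nil, err
	}
	cipher.NewCBCEncrypter(e.block, out[:aes.BlockSize]).CryptBlocks(out[aes.BlockSize:], plain)
	return out, nil
}

// Decrypt reverses Encrypt. Under a different session key it returns garbage
// rather than an error: CBC carries no integrity check, so a successful
// return says nothing about whether the ciphertext was made with this key.
func (e *EncryptionComponent) Decrypt(ct []byte) ([]byte, error) {
	if len(ct) < 2*aes.BlockSize || len(ct)%aes.BlockSize != 0 {
		return nil, errors.New("ciphertext too short or not block aligned")
	}
	plain := make([]byte, len(ct)-aes.BlockSize)
	cipher.NewCBCDecrypter(e.block, ct[:aes.BlockSize]).CryptBlocks(plain, ct[aes.BlockSize:])
	return plain, nil
}

// PagingFile models paging file 206 with its encryption flag 310. Slots hold
// exactly the bytes that would be on the disk platter.
type PagingFile struct {
	Encrypted bool
	Slots     map[int][]byte
}

// FileSystem models file system 208: it checks the flag (step 504) and routes
// through the encryption component only when the flag is set.
type FileSystem struct {
	Enc *EncryptionComponent
}

// WritePage is the page-out path of Fig. 5 (steps 502-514).
func (fs *FileSystem) WritePage(pf *PagingFile, slot int, page []byte) error {
	if !pf.Encrypted {
		pf.Slots[slot] = append([]byte(nil), page...) // step 506: plaintext on disk
		return nil
	}
	ct, err := fs.Enc.Encrypt(page) // steps 508-512
	if err != nil {
		return err
	}
	pf.Slots[slot] = ct // step 514
	return nil
}

// ReadPage is the page-in path of Fig. 6; the caller never sees the key.
func (fs *FileSystem) ReadPage(pf *PagingFile, slot int) ([]byte, error) {
	data, ok := pf.Slots[slot]
	if !ok {
		return nil, errors.New("no such page in paging file")
	}
	if !pf.Encrypted {
		return data, nil
	}
	return fs.Enc.Decrypt(data)
}
```

The model is meant to be exercised from a Go test; a real implementation would also have to pin the key in non-paged memory and clear it at shutdown, which a user-space model cannot show.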
Note that the above examples are provided for purposes of explanation only and should not be construed as limiting the present invention. Although the invention has been described with reference to various embodiments, it is understood that the words used herein are words of description and illustration rather than words of limitation. Furthermore, although the invention has been described herein with reference to particular means, materials and embodiments, the invention is not intended to be limited to the particulars disclosed herein; rather, it extends to all functionally equivalent structures, methods and uses, such as those within the scope of the appended claims. Those skilled in the art, having the benefit of the teachings of this specification, may make various modifications and variations thereto without departing from the scope and spirit of the invention in its aspects.

Claims (16)

1. A system that provides a computing environment, the environment comprising virtual memory, characterized in that the system comprises:
a virtual memory manager that provides the virtual memory by moving or copying data between volatile memory and a paging file stored on a hard disk, the system protecting the contents of the virtual memory by encrypting the data stored in the paging file; and
a key generator that generates a session key, the session key being used to encrypt the data and subsequently to decrypt the encrypted data, wherein the session key is stored in a non-persistent manner such that, if a startup occurs after the session key has been generated, the key becomes unavailable;
wherein, before the session key is generated, a memory region is reserved, and the memory region serves as either of the following:
a buffer for transferring data between a file system that maintains the paging file and an encryption component that uses the session key to encrypt and decrypt the data; and
a work space used by the encryption component before the session key is generated.
2. The system of claim 1, characterized in that the virtual memory manager passes the data to a file system, and wherein the file system causes the data to be encrypted before they are stored in the paging file.
3. The system of claim 2, characterized in that the file system marks the paging file as encrypted, and wherein the file system, after receiving a request to store the data in the paging file, determines that the paging file is marked as encrypted and communicates with an encryption component to encrypt the data.
4. The system of claim 1, characterized in that the system further protects the contents of the virtual memory by ensuring that there is no persistent storage of the session key.
5. The system of claim 1, characterized in that the encryption of the data is performed according to one or more of the following algorithms:
Data Encryption Standard DES;
Triple DES 3DES; or
Advanced Encryption Standard AES.
6. The system of claim 1, characterized in that the system further protects the contents of the virtual memory by ensuring that all user-mode applications and data stored in the virtual memory are encrypted when stored in the paging file.
7. A method of protecting virtual memory, characterized in that it comprises:
storing data in a plurality of pages of volatile memory;
determining that the content of a first of the plurality of pages is to be moved from the volatile memory to a paging file stored on a disk;
providing the content to a file system with an instruction to store the content in the paging file, the paging file being marked for encryption, the file system causing the content to be encrypted using a key and then storing the content in the paging file, the key being required to decrypt the information contained in the paging file, and the key being stored in a manner that causes the key to be lost upon a restart of the machine that stores the key;
before the key is generated, reserving a block of the virtual memory as a work space, wherein the use of the work space avoids the need to copy virtual memory contents to disk before the session key is generated.
8. The method of claim 7, characterized in that it further comprises:
generating the key after startup of the machine.
9. The method of claim 7, characterized in that the file system causes the content to be encrypted by communicating with an encryption component, the encryption component encrypting files that the file system has marked as encrypted.
10. The method of claim 9, characterized in that it further comprises:
reserving a block of the virtual memory in which data can be passed back and forth between the file system and the encryption component.
11. A system that maintains an encrypted paging file as storage for virtual memory data of a computer, characterized in that the system comprises:
an encryption component that receives data and performs encryption and decryption on the data using a key;
a mechanism that generates the key;
a memory location in the computer that stores the key in a manner that prevents the key from persisting across a startup of the computer; and
a virtual memory manager that copies or moves data from volatile memory to disk by requesting that a file system store the copied or moved data in a paging file, the file system accessing the encryption component to encrypt the copied or moved data using the key;
wherein the encryption component reserves a memory region after startup, the memory region serving as a work space for the encryption component before the key is generated, so that sufficient space exists in the volatile memory to hold the encryption component's working data before the key is generated.
12. The system of claim 11, characterized in that the memory region serves as a buffer for passing information back and forth between the file system and the encryption component.
13. The system of claim 11, characterized in that the key is generated before any storage of the data in the virtual memory is directed to the paging file.
14. The system of claim 11, characterized in that the key is stored in the volatile memory, and wherein no copy of the key is stored in any non-volatile memory or storage device of the computer.
15. A method that takes place after startup of a computer, characterized in that the method comprises:
generating a session key;
storing the session key in a non-persistent manner such that it does not survive a startup of the machine;
retrieving information indicating that virtual memory data stored on disk are to be encrypted;
marking a paging file as an encrypted file;
receiving, from a memory manager, data from a volatile storage device that are to be stored in the paging file on disk;
protecting the received data from observation by encrypting them with the session key before storing them in the paging file; and
reserving a memory region before the session key is generated, wherein the memory region serves as either of the following:
a buffer for transferring data between a file system that maintains the paging file and an encryption component that uses the session key to encrypt and decrypt the data; and
a work space used by the encryption component before the session key is generated.
16. The method of claim 15, characterized in that the session key is stored in the volatile storage device, and no copy of the session key is stored on disk.
CNB2004100119322A 2003-11-25 2004-09-21 Encryption of system paging file Expired - Fee Related CN100495364C (en)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
US10/721,562 2003-11-25
US10/721,562 US7325115B2 (en) 2003-11-25 2003-11-25 Encryption of system paging file

Publications (2)

Publication Number Publication Date
CN1622061A CN1622061A (en) 2005-06-01
CN100495364C true CN100495364C (en) 2009-06-03

Family

ID=34465670

Family Applications (1)

Application Number Title Priority Date Filing Date
CNB2004100119322A Expired - Fee Related CN100495364C (en) 2003-11-25 2004-09-21 Encryption of system paging file

Country Status (5)

Country Link
US (1) US7325115B2 (en)
EP (1) EP1536307B1 (en)
JP (1) JP2005158043A (en)
KR (1) KR101120779B1 (en)
CN (1) CN100495364C (en)

Also Published As

Publication number Publication date
JP2005158043A (en) 2005-06-16
CN1622061A (en) 2005-06-01
US20050114688A1 (en) 2005-05-26
US7325115B2 (en) 2008-01-29
KR20050050530A (en) 2005-05-31
EP1536307A1 (en) 2005-06-01
KR101120779B1 (en) 2012-03-23
EP1536307B1 (en) 2018-10-10

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
C14 Grant of patent or utility model
GR01 Patent grant
ASS Succession or assignment of patent right

Owner name: MICROSOFT TECHNOLOGY LICENSING LLC

Free format text: FORMER OWNER: MICROSOFT CORP.

Effective date: 20150506

C41 Transfer of patent application or patent right or utility model
TR01 Transfer of patent right

Effective date of registration: 20150506

Address after: Washington State

Patentee after: Microsoft Technology Licensing LLC

Address before: Washington State

Patentee before: Microsoft Corp.

CF01 Termination of patent right due to non-payment of annual fee

Granted publication date: 20090603

Termination date: 20190921